Server-Side Request Forgery in MLflow Affects Internal Services
CVE-2026-2393

7.1HIGH

Key Information:

Vendor: Mlflow
Status: Mlflow/mlflow
Vendor: CVE Published:; 11 May 2026

What is CVE-2026-2393?

A vulnerability in MLflow allows an authenticated attacker to exploit the _create_webhook() function, which improperly processes user-controlled URL parameters without sufficient validation. This issue enables attackers to force the MLflow backend to send HTTP requests to various endpoints, including internal services and external servers. The lack of input validation and sanitization makes the application susceptible to attacks that could lead to cloud credential theft, access to internal networks, and the exfiltration of sensitive data.

Affected Version(s)

mlflow/mlflow < 3.10.0

References

https://huntr.com/bounties/04ef100d-06b5-4a70-95b1-b7be23...

https://github.com/mlflow/mlflow/commit/64aa0ab7207f9c649...

CVSS V3.0

Score:

7.1

Severity:

HIGH

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 11, 2026
Vulnerability Reserved
Feb 12, 2026

CVE-2026-2393 Data

JSON

Mlflow

What is CVE-2026-2393?

Affected Version(s)

References

CVSS V3.0

Timeline